| Nice idea! Looks like one has to be bruteforce all elements except one. |
==> |
| @Heinzeen What exactly you found on the stack? How do the first 20 values look like? |
==> |
| @terbo It does not need to be 3676. Depending on what you input before may change that value. |
==> |
| Indeed I needed more than one exploitation for this. Nice challenge. |
==> |
| At first glance I thought to buffer overflow and redirect the the message-call. Unfortunately the 00-termination of strings made me fail with this attempt. Trying to exploit via a format string does not give me a clue where to attack. Any hints? |
==> |
| Nice one, thanks! |
==> |
| For me it works that way
"\x9a\x0e\x00\x00_%08x.%08x.%08x.%08x.%08x.%3676u%n" |
==> |
| @ano12 I found this quite useful: http://www.cis.syr.edu/~wedu/Teaching/cis643/LectureNotes_New/Format_String.pdf |
==> |
| A fair crackme for beginners. Level 1 is appropiate. Thanks |
==> |
| EM & NM can be rated as level 1 and feasible for beginners. |
==> |
| @_sam there no name/pass algo to reverse but one of the used C-functions can be exploited. |
==> |
| @luc4sb3rt1n What I meant was that the codeflow is good to follow and understandable. |
==> |
| A classic level 1 for beginners! Thanks. |
==> |
| Flag: "_...f3ss0r"
I really enjoyed this one. Could learn something about anti-debug and the pain due tracing modifying code:-) Thanks for sharing the source! |
==> |
| I really enjoyed this!
My guess for the original title is: "modulojustamazing". |
==> |
| I would rate this Level 1-2, since a valid "lucky number" is not shown in plaintext. One might bruteforce it or just follow less than 10 lines of code. Thanks for that, this is a nice one! |
==> |